package com.fary.web.servlet.mvc.method.annotation;

import com.fary.core.GenericTypeResolver;
import com.fary.core.MethodParameter;
import com.fary.core.ResolvableType;
import com.fary.core.SpringException;
import com.fary.core.io.InputStreamResource;
import com.fary.core.io.Resource;
import com.fary.core.io.support.ResourceRegion;
import com.fary.core.log.LogFormatUtils;
import com.fary.http.HttpHeaders;
import com.fary.http.HttpRange;
import com.fary.http.HttpStatus;
import com.fary.http.MediaType;
import com.fary.http.converter.GenericHttpMessageConverter;
import com.fary.http.converter.HttpMessageConverter;
import com.fary.http.server.ServletServerHttpRequest;
import com.fary.http.server.ServletServerHttpResponse;
import com.fary.util.Assert;
import com.fary.util.CollectionUtils;
import com.fary.util.StringUtils;
import com.fary.web.accept.ContentNegotiationManager;
import com.fary.web.context.request.NativeWebRequest;
import com.fary.web.context.request.ServletWebRequest;
import com.fary.web.method.support.HandlerMethodReturnValueHandler;
import com.fary.web.servlet.HandlerMapping;
import com.fary.web.util.UrlPathHelper;
import jdk.internal.jline.internal.Nullable;

import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.lang.reflect.Type;
import java.util.*;

public abstract class AbstractMessageConverterMethodProcessor extends AbstractMessageConverterMethodArgumentResolver
        implements HandlerMethodReturnValueHandler {

    /* Extensions associated with the built-in message converters */
    private static final Set<String> SAFE_EXTENSIONS = new HashSet<>(Arrays.asList(
            "txt", "text", "yml", "properties", "csv",
            "json", "xml", "atom", "rss",
            "png", "jpe", "jpeg", "jpg", "gif", "wbmp", "bmp"));

    private static final Set<String> SAFE_MEDIA_BASE_TYPES = new HashSet<>(
            Arrays.asList("audio", "image", "video"));

    private static final List<MediaType> ALL_APPLICATION_MEDIA_TYPES =
            Arrays.asList(MediaType.ALL, new MediaType("application"));

    private static final Type RESOURCE_REGION_LIST_TYPE = new ParameterizedTypeReference<List<ResourceRegion>>() {}.getType();


    private static final UrlPathHelper decodingUrlPathHelper = new UrlPathHelper();

    private static final UrlPathHelper rawUrlPathHelper = new UrlPathHelper();

    static {
        rawUrlPathHelper.setRemoveSemicolonContent(false);
        rawUrlPathHelper.setUrlDecode(false);
    }


    private final ContentNegotiationManager contentNegotiationManager;

    private final Set<String> safeExtensions = new HashSet<>();


    /**
     * Constructor with list of converters only.
     */
    protected AbstractMessageConverterMethodProcessor(List<HttpMessageConverter<?>> converters) {
        this(converters, null, null);
    }

    /**
     * Constructor with list of converters and ContentNegotiationManager.
     */
    protected AbstractMessageConverterMethodProcessor(List<HttpMessageConverter<?>> converters, ContentNegotiationManager contentNegotiationManager) {
        this(converters, contentNegotiationManager, null);
    }

    /**
     * Constructor with list of converters and ContentNegotiationManager as well
     * as request/response body advice instances.
     */
    protected AbstractMessageConverterMethodProcessor(List<HttpMessageConverter<?>> converters, ContentNegotiationManager manager, List<Object> requestResponseBodyAdvice) {
        super(converters, requestResponseBodyAdvice);

        this.contentNegotiationManager = (manager != null ? manager : new ContentNegotiationManager());
        this.safeExtensions.addAll(this.contentNegotiationManager.getAllFileExtensions());
        this.safeExtensions.addAll(SAFE_EXTENSIONS);
    }


    /**
     * Creates a new {@link HttpOutputMessage} from the given {@link NativeWebRequest}.
     *
     * @param webRequest the web request to create an output message from
     * @return the output message
     */
    protected ServletServerHttpResponse createOutputMessage(NativeWebRequest webRequest) {
        HttpServletResponse response = webRequest.getNativeResponse(HttpServletResponse.class);
        Assert.state(response != null, "No HttpServletResponse");
        return new ServletServerHttpResponse(response);
    }

    /**
     * Writes the given return value to the given web request. Delegates to
     * {@link #writeWithMessageConverters(Object, MethodParameter, ServletServerHttpRequest, ServletServerHttpResponse)}
     */
    protected <T> void writeWithMessageConverters(T value, MethodParameter returnType, NativeWebRequest webRequest) throws IOException, SpringException {
        ServletServerHttpRequest inputMessage = createInputMessage(webRequest);
        ServletServerHttpResponse outputMessage = createOutputMessage(webRequest);
        writeWithMessageConverters(value, returnType, inputMessage, outputMessage);
    }

    /**
     * Writes the given return type to the given output message.
     *
     * @param value         the value to write to the output message
     * @param returnType    the type of the value
     * @param inputMessage  the input messages. Used to inspect the {@code Accept} header.
     * @param outputMessage the output message to write to
     * @throws IOException     thrown in case of I/O errors
     * @throws SpringException thrown when the conditions indicated
     *                         by the {@code Accept} header on the request cannot be met by the message converters
     * @throws SpringException thrown if a given message cannot
     *                         be written by a converter, or if the content-type chosen by the server
     *                         has no compatible converter.
     */
    @SuppressWarnings({"rawtypes", "unchecked"})
    protected <T> void writeWithMessageConverters(T value, MethodParameter returnType,
                                                  ServletServerHttpRequest inputMessage, ServletServerHttpResponse outputMessage) throws IOException, SpringException {

        Object body;
        Class<?> valueType;
        Type targetType;

        // 返回值为CharSequence类型
        if (value instanceof CharSequence) {
            body = value.toString();
            valueType = String.class;
            targetType = String.class;
        } else {
            // 其他类型
            body = value;
            // 获取返回值的类型
            valueType = getReturnValueType(body, returnType);
            /**
             * getGenericType(returnType)方法，解析方法声明的返回类型的泛型类型，见3.2.3.2
             * getContainingClass()方法，获取方法声明的返回类型的包含类
             *
             * 获取方法声明的返回类型的泛型类型
             */
            targetType = GenericTypeResolver.resolveType(getGenericType(returnType), returnType.getContainingClass());
        }

        /**
         * 处理器方法返回了一个资源类型的返回值
         * Resource的子类且非InputStreamResource
         */
        if (isResourceType(value, returnType)) {
            outputMessage.getHeaders().set(HttpHeaders.ACCEPT_RANGES, "bytes");
            if (value != null && inputMessage.getHeaders().getFirst(HttpHeaders.RANGE) != null &&
                    outputMessage.getServletResponse().getStatus() == 200) {
                Resource resource = (Resource) value;
                try {
                    List<HttpRange> httpRanges = inputMessage.getHeaders().getRange();
                    outputMessage.getServletResponse().setStatus(HttpStatus.PARTIAL_CONTENT.value());
                    body = HttpRange.toResourceRegions(httpRanges, resource);
                    valueType = body.getClass();
                    targetType = RESOURCE_REGION_LIST_TYPE;
                } catch (IllegalArgumentException ex) {
                    outputMessage.getHeaders().set(HttpHeaders.CONTENT_RANGE, "bytes */" + resource.contentLength());
                    outputMessage.getServletResponse().setStatus(HttpStatus.REQUESTED_RANGE_NOT_SATISFIABLE.value());
                }
            }
        }

        MediaType selectedMediaType = null;
        // getHeaders()方法，获取响应头
        // getContentType()方法，获取内容类型
        MediaType contentType = outputMessage.getHeaders().getContentType();
        // 判断用户指定响应的内容类型格式是否正确
        boolean isContentTypePreset = contentType != null && contentType.isConcrete();
        // 用户指定了响应的内容类型，且格式正确，那么就使用用户指定的
        if (isContentTypePreset) {
            if (logger.isDebugEnabled()) {
                logger.debug("Found 'Content-Type:" + contentType + "' in response");
            }
            selectedMediaType = contentType;
        } else {
            // 否则进入下面的内容协商过程
            HttpServletRequest request = inputMessage.getServletRequest();
            // 得到浏览器可接收所有内容类型
            List<MediaType> acceptableTypes = getAcceptableMediaTypes(request);
            // 得到服务器能够生产的所有内容类型
            List<MediaType> producibleTypes = getProducibleMediaTypes(request, valueType, targetType);

            if (body != null && producibleTypes.isEmpty()) {
                throw new SpringException("No converter found for return value of type: " + valueType);
            }
            List<MediaType> mediaTypesToUse = new ArrayList<>();
            /**
             * 双重循环，将浏览器可接收所有内容类型和服务器能够生产的所有内容类型一一比较
             * 找到所有同时兼容浏览器和服务器需求的内容类型
             */
            for (MediaType requestedType : acceptableTypes) {
                for (MediaType producibleType : producibleTypes) {
                    /**
                     * 判断requestedType和producibleType这两个媒体类型是否兼容
                     * 例如text/*就和text/plain、text/html兼容，反之亦然
                     */
                    if (requestedType.isCompatibleWith(producibleType)) {
                        /**
                         * getMostSpecificMediaType()方法， 比较requestedType和
                         * producibleType两个媒体类型谁更具体，返回更具体的那个
                         * 比如text/*和text/plain，那么就返回text/plain
                         */
                        mediaTypesToUse.add(getMostSpecificMediaType(requestedType, producibleType));
                    }
                }
            }
            if (mediaTypesToUse.isEmpty()) {
                // 有返回值却找不到合适的内容类型写入，抛异常
                if (body != null) {
                    throw new SpringException(producibleTypes);
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("No match for " + acceptableTypes + ", supported: " + producibleTypes);
                }
                return;
            }

            // 对支持的内容类型排序
            MediaType.sortBySpecificityAndQuality(mediaTypesToUse);

            for (MediaType mediaType : mediaTypesToUse) {
                // 使用第一个格式正确的内容类型
                if (mediaType.isConcrete()) {
                    selectedMediaType = mediaType;
                    break;
                    // 如果媒体类型是*/*、application/*之一
                    // 则约定使用application/octet-stream类型写入到响应体中
                } else if (mediaType.isPresentIn(ALL_APPLICATION_MEDIA_TYPES)) {
                    selectedMediaType = MediaType.APPLICATION_OCTET_STREAM;
                    break;
                }
            }

            if (logger.isDebugEnabled()) {
                logger.debug("Using '" + selectedMediaType + "', given " + acceptableTypes + " and supported " + producibleTypes);
            }
        }

        if (selectedMediaType != null) {
            // 得到该媒体类型的副本
            selectedMediaType = selectedMediaType.removeQualityValue();
            // 遍历所有的HttpMessageConverter
            for (HttpMessageConverter<?> converter : this.messageConverters) {
                GenericHttpMessageConverter genericConverter = (converter instanceof GenericHttpMessageConverter ? (GenericHttpMessageConverter<?>) converter : null);
                /**
                 * canWrite()方法判断的时候都加入媒体类型selectedMediaType的判断
                 * 需要同时满足三个条件，值类型，方法声明的返回值类型，媒体类型
                 */
                if (genericConverter != null ? ((GenericHttpMessageConverter) converter).canWrite(targetType, valueType, selectedMediaType) :
                        converter.canWrite(valueType, selectedMediaType)) {
                    // 序列化之前调用ResponseBodyAdvice，过程和RequestBodyAdvice差不多
                    body = getAdvice().beforeBodyWrite(body, returnType, selectedMediaType,
                            (Class<? extends HttpMessageConverter<?>>) converter.getClass(), inputMessage, outputMessage);
                    // 处理器方法返回了返回值
                    if (body != null) {
                        Object theBody = body;
                        LogFormatUtils.traceDebug(logger, traceOn -> "Writing [" + LogFormatUtils.formatValue(theBody, !traceOn) + "]");
                        // 添加Content-Disposition响应头
                        addContentDispositionHeader(inputMessage, outputMessage);
                        if (genericConverter != null) {
                            // 序列化，将返回值写入响应体中
                            genericConverter.write(body, targetType, selectedMediaType, outputMessage);
                        } else {
                            ((HttpMessageConverter) converter).write(body, selectedMediaType, outputMessage);
                        }
                    } else {
                        if (logger.isDebugEnabled()) {
                            logger.debug("Nothing to write: null body");
                        }
                    }
                    return;
                }
            }
        }

        /**
         * 内容协商失败
         * 在此处抛出异常
         */
        if (body != null) {
            Set<MediaType> producibleMediaTypes = (Set<MediaType>) inputMessage.getServletRequest()
                            .getAttribute(HandlerMapping.PRODUCIBLE_MEDIA_TYPES_ATTRIBUTE);

            if (isContentTypePreset || !CollectionUtils.isEmpty(producibleMediaTypes)) {
                throw new SpringException("No converter for [" + valueType + "] with preset Content-Type '" + contentType + "'");
            }
            throw new SpringException(this.allSupportedMediaTypes);
        }
    }

    /**
     * Return the type of the value to be written to the response. Typically this is
     * a simple check via getClass on the value but if the value is null, then the
     * return type needs to be examined possibly including generic type determination
     * (e.g. {@code ResponseEntity<T>}).
     */
    protected Class<?> getReturnValueType(Object value, MethodParameter returnType) {
        return (value != null ? value.getClass() : returnType.getParameterType());
    }

    /**
     * Return whether the returned value or the declared return type extends {@link Resource}.
     */
    protected boolean isResourceType(Object value, MethodParameter returnType) {
        Class<?> clazz = getReturnValueType(value, returnType);
        return clazz != InputStreamResource.class && Resource.class.isAssignableFrom(clazz);
    }

    /**
     * Return the generic type of the {@code returnType} (or of the nested type
     * if it is an {@link HttpEntity}).
     */
    private Type getGenericType(MethodParameter returnType) {
        if (HttpEntity.class.isAssignableFrom(returnType.getParameterType())) {
            return ResolvableType.forType(returnType.getGenericParameterType()).getGeneric().getType();
        } else {
            return returnType.getGenericParameterType();
        }
    }

    /**
     * Returns the media types that can be produced.
     *
     * @see #getProducibleMediaTypes(HttpServletRequest, Class, Type)
     */
    @SuppressWarnings("unused")
    protected List<MediaType> getProducibleMediaTypes(HttpServletRequest request, Class<?> valueClass) {
        return getProducibleMediaTypes(request, valueClass, null);
    }

    /**
     * Returns the media types that can be produced. The resulting media types are:
     * <ul>
     * <li>The producible media types specified in the request mappings, or
     * <li>Media types of configured converters that can write the specific return value, or
     * <li>{@link MediaType#ALL}
     * </ul>
     *
     * @since 4.2
     */
    @SuppressWarnings("unchecked")
    protected List<MediaType> getProducibleMediaTypes(HttpServletRequest request, Class<?> valueClass, Type targetType) {

        /**
         * 先得到保存在请求域中的浏览器可接收的媒体类型
         * PRODUCIBLE_MEDIA_TYPES_ATTRIBUTE=org.springframework.web.servlet.HandlerMapping.producibleMediaTypes
         */
        Set<MediaType> mediaTypes = (Set<MediaType>) request.getAttribute(HandlerMapping.PRODUCIBLE_MEDIA_TYPES_ATTRIBUTE);
        if (!CollectionUtils.isEmpty(mediaTypes)) {
            return new ArrayList<>(mediaTypes);
        } else if (!this.allSupportedMediaTypes.isEmpty()) {
            /**
             * allSupportedMediaTypes字段在RequestResponseBodyMethodProcessor构造方法初始化值
             * 它会解析持有的HttpMessageConverter，得到这些消息转换器能够转换类型
             * PRODUCIBLE_MEDIA_TYPES_ATTRIBUTE=org.springframework.web.servlet.HandlerMapping.producibleMediaTypes
             */
            List<MediaType> result = new ArrayList<>();
            /**
             * 遍历所有的HttpMessageConverter
             * 找到所有能将返回值类型的数据写入响应体的消息转换器
             * 调用这些转换器的getSupportedMediaTypes()方法得到它们支持处理的媒体类型
             */
            for (HttpMessageConverter<?> converter : this.messageConverters) {
                if (converter instanceof GenericHttpMessageConverter && targetType != null) {
                    if (((GenericHttpMessageConverter<?>) converter).canWrite(targetType, valueClass, null)) {
                        // 获取该消息转换器支持的媒体类型
                        result.addAll(converter.getSupportedMediaTypes());
                    }
                } else if (converter.canWrite(valueClass, null)) {
                    result.addAll(converter.getSupportedMediaTypes());
                }
            }
            return result;
        } else {
            return Collections.singletonList(MediaType.ALL);
        }
    }

    private List<MediaType> getAcceptableMediaTypes(HttpServletRequest request) throws SpringException {
        //通过内容协商管理器得到用户在请求中设置的可接收内容类型
        return this.contentNegotiationManager.resolveMediaTypes(new ServletWebRequest(request));
    }

    /**
     * Return the more specific of the acceptable and the producible media types
     * with the q-value of the former.
     */
    private MediaType getMostSpecificMediaType(MediaType acceptType, MediaType produceType) {
        MediaType produceTypeToUse = produceType.copyQualityValue(acceptType);
        return (MediaType.SPECIFICITY_COMPARATOR.compare(acceptType, produceTypeToUse) <= 0 ? acceptType : produceTypeToUse);
    }

    /**
     * Check if the path has a file extension and whether the extension is either
     * on the list of {@link #SAFE_EXTENSIONS safe extensions} or explicitly
     * {@link ContentNegotiationManager#getAllFileExtensions() registered}.
     * If not, and the status is in the 2xx range, a 'Content-Disposition'
     * header with a safe attachment file name ("f.txt") is added to prevent
     * RFD exploits.
     */
    private void addContentDispositionHeader(ServletServerHttpRequest request, ServletServerHttpResponse response) {
        HttpHeaders headers = response.getHeaders();
        if (headers.containsKey(HttpHeaders.CONTENT_DISPOSITION)) {
            return;
        }

        try {
            int status = response.getServletResponse().getStatus();
            if (status < 200 || status > 299) {
                return;
            }
        } catch (Throwable ex) {
            // ignore
        }

        HttpServletRequest servletRequest = request.getServletRequest();
        String requestUri = rawUrlPathHelper.getOriginatingRequestUri(servletRequest);

        int index = requestUri.lastIndexOf('/') + 1;
        String filename = requestUri.substring(index);
        String pathParams = "";

        index = filename.indexOf(';');
        if (index != -1) {
            pathParams = filename.substring(index);
            filename = filename.substring(0, index);
        }

        filename = decodingUrlPathHelper.decodeRequestString(servletRequest, filename);
        String ext = StringUtils.getFilenameExtension(filename);

        pathParams = decodingUrlPathHelper.decodeRequestString(servletRequest, pathParams);
        String extInPathParams = StringUtils.getFilenameExtension(pathParams);

        if (!safeExtension(servletRequest, ext) || !safeExtension(servletRequest, extInPathParams)) {
            headers.add(HttpHeaders.CONTENT_DISPOSITION, "inline;filename=f.txt");
        }
    }

    @SuppressWarnings("unchecked")
    private boolean safeExtension(HttpServletRequest request, String extension) {
        if (!StringUtils.hasText(extension)) {
            return true;
        }
        extension = extension.toLowerCase(Locale.ENGLISH);
        if (this.safeExtensions.contains(extension)) {
            return true;
        }
        String pattern = (String) request.getAttribute(HandlerMapping.BEST_MATCHING_PATTERN_ATTRIBUTE);
        if (pattern != null && pattern.endsWith("." + extension)) {
            return true;
        }
        if (extension.equals("html")) {
            String name = HandlerMapping.PRODUCIBLE_MEDIA_TYPES_ATTRIBUTE;
            Set<MediaType> mediaTypes = (Set<MediaType>) request.getAttribute(name);
            if (!CollectionUtils.isEmpty(mediaTypes) && mediaTypes.contains(MediaType.TEXT_HTML)) {
                return true;
            }
        }
        MediaType mediaType = resolveMediaType(request, extension);
        return (mediaType != null && (safeMediaType(mediaType)));
    }

    @Nullable
    private MediaType resolveMediaType(ServletRequest request, String extension) {
        MediaType result = null;
        String rawMimeType = request.getServletContext().getMimeType("file." + extension);
        if (StringUtils.hasText(rawMimeType)) {
            result = MediaType.parseMediaType(rawMimeType);
        }
        if (result == null || MediaType.APPLICATION_OCTET_STREAM.equals(result)) {
            result = MediaTypeFactory.getMediaType("file." + extension).orElse(null);
        }
        return result;
    }

    private boolean safeMediaType(MediaType mediaType) {
        return (SAFE_MEDIA_BASE_TYPES.contains(mediaType.getType()) || mediaType.getSubtype().endsWith("+xml"));
    }

}